But how secure is my information on their servers? More and more recently, there have been stories of large scale identity thefts from databases by hackers, or an employee having a laptop stolen with a gazillion names on it etc. That's my concern.

Everybody's got their own risk tolerance level. Paypal is considered to be diligent in working to keep its customers safe and they're proactive in security, from what I read. I'd rather trust one site with my banking information, a site that's got quite a few protections built in, than trust every merchant with whom I want to do business with my CC information. I like those extra layers of protection and recourse.

But that's me.

What if my doctor's system is hacked? Or my bank, or my cable company, or...? Even information we give to providers and merchants face to face gets entered into a data system somewhere. At some point, everybody has to decide for themselves whether the systems they deal with have enough protection to let them sleep at night without worrying over being defrauded.

Side note: in setting up an apartment in another city (we're moving for DH's work), I'm running up our CCs like a drunken sailor. As soon as an "unusual pattern" alarm got triggered (which didn't take much) my CC was frozen and they were calling me to see if I was aware of the charges. This was within minutes of a big online purchase. To me, that's a good system (and I resolved it in 2 minutes).